Explain the architecture of Kerberos 4.

Kerberos 4 is a basic third-party authentication scheme:

  1. it has an Authentication Server (AS)
    • users initially negotiate with the AS to identify themselves
    • the AS provides a non-corruptible authentication credential (ticket-granting ticket, TGT)
  2. it has a Ticket Granting Server (TGS)
    • users subsequently request access to other services from the TGS on the basis of the user's TGT
  3. the exchanges use a complex protocol based on DES


Fig:- Kerberos Architecture

Kerberos Realms:

  1. a Kerberos environment consists of:
    • a Kerberos server
    • a number of clients, all registered with the server
    • application servers, sharing keys with the server
  2. this is termed a realm
    • typically a single administrative domain
  3. if there are multiple realms, their Kerberos servers must share keys and trust each other


Fig:- Kerberos Realm
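The AS/TGS flow and the single-realm key database described above, as an added example that is not part of the original notes. The `seal`/`unseal` helpers are a SHAKE/HMAC stand-in for DES, and `REALM`, `issue`, `check` and the principal names are hypothetical. Timestamps, ticket lifetimes and network addresses are left out.

```python
import hashlib, hmac, json, os

def seal(key, obj):
    """Encrypt-then-MAC stand-in for Kerberos 4's DES (illustration only)."""
    pt, nonce = json.dumps(obj).encode(), os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, hashlib.shake_256(key + nonce).digest(len(pt))))
    return nonce + hmac.new(key, nonce + ct, hashlib.sha256).digest() + ct

def unseal(key, blob):
    """Reject anything not sealed under `key`, then decrypt."""
    nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    ks = hashlib.shake_256(key + nonce).digest(len(ct))
    return json.loads(bytes(a ^ b for a, b in zip(ct, ks)))

# Constructed realm database: every principal shares one long-term key with the Kerberos server.
REALM = {name: os.urandom(32) for name in ("alice", "tgs", "fileserver")}

def issue(user, ticket_key, reply_key):
    """Make a session key; put it in a ticket (for the server) and a reply (for the user)."""
    k = os.urandom(32).hex()
    ticket = seal(ticket_key, {"user": user, "key": k}).hex()
    return seal(reply_key, {"key": k, "ticket": ticket})

def check(server_key, ticket_hex, authenticator):
    """Server side: open the ticket, then the authenticator sealed under its session key."""
    ticket = unseal(server_key, bytes.fromhex(ticket_hex))
    session = bytes.fromhex(ticket["key"])
    if unseal(session, authenticator)["user"] != ticket["user"]:
        raise ValueError("authenticator does not match ticket")
    return ticket["user"], session

def as_exchange(user):
    """AS: reply is readable only with the user's long-term key; the ticket inside is the TGT."""
    return issue(user, REALM["tgs"], REALM[user])

def tgs_exchange(tgt_hex, authenticator, service):
    """TGS: trade a valid TGT for a ticket sealed under the requested service's key."""
    user, session = check(REALM["tgs"], tgt_hex, authenticator)
    return issue(user, REALM[service], session)

def login_and_access(user, user_key, service):
    """Client: AS exchange, TGS exchange, then present the service ticket."""
    r1 = unseal(user_key, as_exchange(user))
    k1 = bytes.fromhex(r1["key"])
    r2 = unseal(k1, tgs_exchange(r1["ticket"], seal(k1, {"user": user}), service))
    k2 = bytes.fromhex(r2["key"])
    return check(REALM[service], r2["ticket"], seal(k2, {"user": user}))[0]
```

The user's long-term key is used only to open the AS reply; every later step relies on the session key carried inside a ticket that the user cannot open or alter.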

